| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'auditctl EACCES' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'auditctl EACCES' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EACCES' (64-bit) | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EACCES' (64-bit) | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EPERM' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EPERM' (64-bit) | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERM | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 11 v1.2.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.49 Restrict Access to SYSCAT.AUDITEXCEPTIONS | CIS IBM DB2 12.1 v1.0.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.1 Restrict Access to SYSIBM.SYSAUDITPOLICIES | CIS IBM DB2 11 v1.2.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | ACCESS CONTROL |
| AIOS-26-017700 - DOD Apple iOS/iPadOS 26 devices must have a Mobile Threat Detection (MTD) app installed - MTD app installed. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERM | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERM | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure unsuccessful unauthorized file access attempts are collected - b64 EACCES | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-12-006800 - Google Android 12 must be configured to not display the following (work profile) notifications when the device is locked: | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-006800 - Google Android 13 must be configured to not display the following (work profile) notifications when the device is locked: [selection: | MobileIron - DISA Google Android 13 COBO STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-13-006800 - Google Android 13 must be configured to not display the following (work profile) notifications when the device is locked: [selection: | MobileIron - DISA Google Android 13 COPE STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-14-006800 - Google Android 14 must be configured to not display the following (work profile) notifications when the device is locked: [selection | MobileIron - DISA Google Android 14 COPE STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-14-706800 - Google Android 14 must be configured to not display the following (work profile) notifications when the device is locked: [selection: | MobileIron - DISA Google Android 14 BYOAD v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006800 - Google Android 15 must be configured to not display the following (work profile) notifications when the device is locked: [selection: | MobileIron - DISA Google Android 15 COPE STIG v1r3 | MDM | ACCESS CONTROL |
| GOOG-16-006800 - Google Android 16 must be configured to not display the following (work profile) notifications when the device is locked: | MobileIron - DISA Google Android 16 COBO STIG v1r1 | MDM | ACCESS CONTROL |
| HONW-13-006800 - Honeywell Android 13 must be configured to not display the following (work profile) notifications when the device is locked: | MobileIron - DISA Honeywell Android 13 COBO STIG v1r1 | MDM | ACCESS CONTROL |
| JUSX-AG-000146 - The Juniper SRX Services Gateway Firewall must generate an alert to, at a minimum, the ISSO and ISSM when unusual/unauthorized activities or conditions are detected during continuous monitoring of communications traffic as it traverses inbound or outbound across internal security boundaries. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b32 EACCES auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b32 EPERM auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b32 EPERM auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EACCES auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EACCES auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EPERM auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EPERM auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-010510 - The SUSE operating system must notify the System Administrator (SA) when AIDE discovers anomalies in the operation of any security functions. | DISA SLES 12 STIG v3r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 110' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 117' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 131' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WN22-00-000120 - Windows Server 2022 must have a host-based intrusion detection and prevention service installed. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
